Description

WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently steal session data and possibly access admin areas of your website. WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool version 1.7.14 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.7.15 or latest

References

Related Vulnerabilities

Severity

High

Classification

CWE-264

Tags

Missing Update Authentication Bypass